Skip to content

Security - Git argument injection via untrusted Kptfile ref enables file overwrite#4604

Merged
mozesl-nokia merged 2 commits into
kptdev:mainfrom
nokia:secgitinjection
Jul 2, 2026
Merged

Security - Git argument injection via untrusted Kptfile ref enables file overwrite#4604
mozesl-nokia merged 2 commits into
kptdev:mainfrom
nokia:secgitinjection

Conversation

@tgzsolt

@tgzsolt tgzsolt commented Jun 26, 2026

Copy link
Copy Markdown
Contributor
  • Description
    When kpt fetches a package, it recursively fetches sub-packages whose Kptfiles declare an upstream block (internal/util/get/get.go fetchPackages). The sub-package Kptfile is attacker-controlled content from the remote repository. Its upstream.git.ref field flows unmodified into GitUpstreamRepo.cacheRepo() as a requiredRefs entry. In the default branch of the switch (when the ref is neither a known branch/tag nor a full SHA), the ref s is passed directly to gitRunner.Run(ctx, "show", s) at line 441 with no -{-} separator and no validation that it does not begin with {-}. The git process runs with cmd.Dir set to {~}/.kpt/repos/<sha> (lines 105, 385/393). A ref value such as -{-}output=../../../.bashrc is interpreted by git show as the {-}{-}output=<file> option, causing git to write the HEAD commit display (whose commit message and diff are fully attacker-controlled in the attacker's second repository) to {-}{~}/.bashrc. A similar lack of - separator affects git reset --hard <commit> at internal/util/fetch/fetch.go:216 and git remote add origin <uri> at gitutil.go:386

  • Motivaton
    Remove security vulnerability

Copilot AI review requested due to automatic review settings June 26, 2026 13:14
@netlify

netlify Bot commented Jun 26, 2026

Copy link
Copy Markdown

Deploy Preview for kptdocs ready!

Name Link
🔨 Latest commit f1c312c
🔍 Latest deploy log https://app.netlify.com/projects/kptdocs/deploys/6a4625c767ae190008dd518a
😎 Deploy Preview https://deploy-preview-4604--kptdocs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
🤖 Make changes Run an agent on this branch

To edit notification comments on pull requests, go to your Netlify project configuration.

@dosubot dosubot Bot added size:L This PR changes 100-499 lines, ignoring generated files. bug Something isn't working labels Jun 26, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses a Git argument-injection vulnerability where attacker-controlled refs/URIs could be interpreted as git command-line options (e.g. git show --output=...), potentially enabling arbitrary file overwrite during package fetch/update flows.

Changes:

  • Introduces centralized validation (validateGitArg) to reject git refs/commits/URIs that begin with -, preventing option injection.
  • Refactors GitUpstreamRepo from a concrete struct into an interface backed by a broker implementation, adding deterministic ordering for Heads()/Tags().
  • Updates fetch/update/parse call sites and adds a regression test ensuring option-like refs are rejected.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
pkg/lib/util/parse/parse.go Simplifies branch listing by using gur.Heads() directly.
pkg/lib/util/fetch/fetch.go Updates cached repo plumbing to store GitUpstreamRepo interface values; adjusts ref resolution API usage.
pkg/lib/update/update.go Updates cached upstream repo cache type to the new GitUpstreamRepo interface.
pkg/lib/update/update_test.go Updates upstream repo URI access to gur.Uri() to match refactor.
internal/gitutil/gitutil.go Implements injection guard, refactors upstream repo into interface + broker, validates attacker-controlled inputs before invoking git.
internal/gitutil/gitutil_test.go Updates tests for new APIs and adds option-injection regression coverage.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread internal/gitutil/gitutil.go
Comment thread internal/gitutil/gitutil.go
Comment thread internal/gitutil/gitutil.go Outdated
Comment thread internal/gitutil/gitutil_test.go
@liamfallon

Copy link
Copy Markdown
Contributor

Does this overlap with #4598 ?

Comment thread internal/gitutil/gitutil.go
Comment thread internal/gitutil/gitutil.go Outdated
Comment thread internal/gitutil/gitutil.go Outdated
Comment thread internal/gitutil/gitutil.go Outdated
@tgzsolt tgzsolt force-pushed the secgitinjection branch 4 times, most recently from 6264882 to b7ff893 Compare June 30, 2026 14:55
@tgzsolt tgzsolt force-pushed the secgitinjection branch from 04c2646 to 3da4283 Compare July 1, 2026 06:31
@liamfallon

liamfallon commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Hi @tgzsolt , the CI tests won't run till we merge #4605 and you do a rebase. We'll try and get that PR merged ASAP.

…es file overwrite

Signed-off-by: tar <gabor.tar.ext@nokia.com>
@tgzsolt tgzsolt force-pushed the secgitinjection branch from d39ac49 to d40cf65 Compare July 1, 2026 07:18
@tgzsolt

tgzsolt commented Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

Hi @tgzsolt , the CI tests won't run till we merge #4605 and you do a rebase. We'll try and get that PR merged ASAP.

Ofc i can wait. Meanwhile i fixed (i think) it on this branch: bumped up the version in the testdata

@dosubot dosubot Bot added the lgtm label Jul 2, 2026
@mozesl-nokia mozesl-nokia merged commit 4691059 into kptdev:main Jul 2, 2026
15 checks passed
OisinJohnston2005 pushed a commit to Nordix/kpt that referenced this pull request Jul 3, 2026
…es file overwrite (kptdev#4604)

Signed-off-by: tar <gabor.tar.ext@nokia.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>
efiacor pushed a commit that referenced this pull request Jul 9, 2026
* Allowed the default prefix to be specified by env variable or cobra flag

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Added image-prefix as a cli option or env variable

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* It works this time

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Moved to a cleaner implementation and made the same logic apply to eval as well as render

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* cleaned her up a bit

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* cleaned up duplicate code and removed redundant code

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Adding rules to CONTRIBUTING.md (#4594)

* Adding rules to CONTRIBUTING.md

- Current CODEOWNER.md based rules for pr approvals.
  This will be changed ot the maintainer and contributor groups based rules
  once we agreed to apply them to all the repos.
- Rules for stale prs

Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>

* Apply suggestions from code review

Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>
Assisted-by: GitHub Copilot: Claude Haiku 4.5

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

---------

Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Fix basicpipeline-semver e2e expected output for set-labels v0.2.5 (#4605)

Signed-off-by: Aravindhan Ayyanathan <aravindhan.a@est.tech>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* docs: update Nephio documentation link in FAQ

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* First section of chapter 3 proofreading.

Signed-off-by: Michael Greaves <michael.greaves@nokia.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Chapter 3 proofreading.

Signed-off-by: Michael Greaves <michael.greaves@nokia.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Fixing indentations in chapter 3.

Signed-off-by: Michael Greaves <michael.greaves@nokia.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Corrections done in chapter 3.

Signed-off-by: Michael Greaves <michael.greaves@nokia.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Apply suggestions from code review

Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Apply suggestions from code review

Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Apply suggestions from code review

Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Breaking a long line

Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Fixing WordPress wording

Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>
Assisted-by: GitHub Copilot: Claude Haiku 4.5
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Apply suggestion from @Catalin-Stratulat-Ericsson

Co-authored-by: Catalin Stratulat <159934629+Catalin-Stratulat-Ericsson@users.noreply.github.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* porch docs navbar redirect (#4611)

Signed-off-by: Catalin-Stratulat-Ericsson <catalin.stratulat@ericsson.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* security - fix Git argument injection via untrusted Kptfile ref enables file overwrite (#4604)

Signed-off-by: tar <gabor.tar.ext@nokia.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Specifying allowed alert types (#4612)

* Specifying allowed alert types

Signed-off-by: Dominika Schweier <dominika.schweier@nokia.com>

* Specifying allowed alert types

Signed-off-by: Dominika Schweier <dominika.schweier@nokia.com>

* Apply suggestions from code review

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

---------

Signed-off-by: Dominika Schweier <dominika.schweier@nokia.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Simplify CI workflows: remove legacy GOPATH checkout pattern (#4597)

Signed-off-by: Aravindhan Ayyanathan <aravindhan.a@est.tech>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Fixed copilot comments

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* mention the environment variable in the help for the --image-prefix flag

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Fixed copilot comments

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Fixed copilot comments

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* Added prefix validation

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

* added unit tests and tightened validation requirements

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>

---------

Signed-off-by: Oisin Johnston <oisin.johnston@ericsson.com>
Signed-off-by: Gergely Csatari <gergely.csatari@nokia.com>
Signed-off-by: Aravindhan Ayyanathan <aravindhan.a@est.tech>
Signed-off-by: Michael Greaves <michael.greaves@nokia.com>
Signed-off-by: Catalin-Stratulat-Ericsson <catalin.stratulat@ericsson.com>
Signed-off-by: tar <gabor.tar.ext@nokia.com>
Signed-off-by: Dominika Schweier <dominika.schweier@nokia.com>
Co-authored-by: Gergely Csatari <gergely.csatari@nokia.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Aravindhan Ayyanathan <aravindhan.a@est.tech>
Co-authored-by: dosubot[bot] <131922026+dosubot[bot]@users.noreply.github.com>
Co-authored-by: Michael Greaves <michael.greaves@nokia.com>
Co-authored-by: Catalin Stratulat <159934629+Catalin-Stratulat-Ericsson@users.noreply.github.com>
Co-authored-by: Tar Gábor Zsolt <gabor.tar.ext@nokia.com>
Co-authored-by: Schweier Dominika <dominika.schweier@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working lgtm size:L This PR changes 100-499 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants